3 Phases:
1. Risk Recognition:
We open each and every role.
Identify risks in each role.
Discuss with the business team.
👇
We hold the remediation or mitigation discussion.
2. Rule Building & Validation:
1. Validate the risks in the role.
2. Customize the role.
3. Test.
3. Analysis:
1. Check whether we need to make any modifications.
2. Ensure Phase 1 (Risk Recognition & Rule Building and Validation) is correct as per the business needs.
e.g.: Providing access to rooms 4, 7.
4. Remediation:
Remove the risk.
e.g.: Swipe in and swipe out at the office to avoid the risk of unauthorized people entering the office.
5. Mitigation:
Compensating control.
6. Continuous Compliance:
- Monitoring the present configuration.
- Adapt to the changes as per the business.
- Alert mechanism.
- Monitoring the mitigation control.